tasks/main.yml - private-cloud-ansible-playbooks/apigee-opdk-shutdown-iptables - Git at Google

 ---
 # tasks file for apigee-shutdown-iptables
 - block:

   - name: Stop Iptables service
     become: yes
     service:
       name: iptables
       state: stopped
     register: iptables_service

   - name: Indicate whether iptables are disabled
     cache:
       key: 'iptables_disabled'
       value: "{{ (iptables_service.state == 'disabled') or (iptables_service.state == 'stopped') }}"

   - name: Fail playbook if Iptables is running
     fail:
       msg: 'iptables must be disabled, please restart node'
     when: iptables_disabled is defined and not iptables_disabled

   when: (ansible_distribution | lower == "centos" or ansible_distribution | lower == "oraclelinux")  and ansible_distribution_major_version | version_compare("7", "<") and not ansible_virtualization_type | lower == "docker"

 - block:

   - name: Stop Firewalld service
     become: yes
     service:
       name: firewalld
       state: stopped
       enabled: no

   when: (ansible_distribution | lower == "centos" or ansible_distribution | lower == "oraclelinux")  and ansible_distribution_major_version | version_compare("7", ">=") and not ansible_virtualization_type | lower == "docker"
	---
	# tasks file for apigee-shutdown-iptables
	- block:

	- name: Stop Iptables service
	become: yes
	service:
	name: iptables
	state: stopped
	register: iptables_service

	- name: Indicate whether iptables are disabled
	cache:
	key: 'iptables_disabled'
	value: "{{ (iptables_service.state == 'disabled') or (iptables_service.state == 'stopped') }}"

	- name: Fail playbook if Iptables is running
	fail:
	msg: 'iptables must be disabled, please restart node'
	when: iptables_disabled is defined and not iptables_disabled

	when: (ansible_distribution \| lower == "centos" or ansible_distribution \| lower == "oraclelinux") and ansible_distribution_major_version \| version_compare("7", "<") and not ansible_virtualization_type \| lower == "docker"

	- block:

	- name: Stop Firewalld service
	become: yes
	service:
	name: firewalld
	state: stopped
	enabled: no

	when: (ansible_distribution \| lower == "centos" or ansible_distribution \| lower == "oraclelinux") and ansible_distribution_major_version \| version_compare("7", ">=") and not ansible_virtualization_type \| lower == "docker"